[c-nsp] 7206 Config Help - DSL Aggregration
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Fri Aug 18 01:52:33 EDT 2006
Paul Stewart <> wrote on Thursday, August 17, 2006 11:53 PM:
> Thanks.. I've come up with another solution but it's kind of "ugly"...
> The l2tp provider can send me different l2tp tunnels to various
> loopback connections on my side. So, in this setup they will send
> each domain to a different loopback address on our side (same PVC
> etc.) I end up with three loopback addresses per l2tp tunnel this
> way though...
>
> They won't provide separate PVC's for each domain (the provider) which
> was our first choice... That's what complicated this.
>
> I agree proxy radius would be a good way to do it, but I'm trying to
> avoid that for now... Long story..;)
>
> Thanks again everyone... It seems the obvious answer is to either
> overcome the proxy radius issue or go with the loopback options....
I don't think using different loopbacks alone will work (at least not
currently) as you won't be able to use the local loopback address/tunnel
destination as a selection criteria for the vpdn-group, your ISP needs
to use different tunnel names for the tunnels (all could use the same
tunnel destination address), and then you can reference these tunnel
names in the terminate-from host clause in the different vpdn-groups,
reference different vtemplates, which in turn reference different AAA
methods and pools.
I have never worked with it, but ISG in 12.2SB is much more flexible to
select services based on domain/realm and other criteria.. Take a look
at
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122sb/cg/isg
_lib/index.htm
oli
More information about the cisco-nsp
mailing list